This terraform project automates the deployment of a 3-tier architecture in AWS with WordPress installed and configured on webservers. It creates the following resources:
A custom VPC with 6 subnets: 2 public and 4 private, internet & NAT gateways, RDS MySQL databases & webservers in private subnets, security groups, a bastion host & an application load balancer in public subnets, an elastic file system, a Route53 hosted zone and autoscaling groups that create & scale bastion & webserver instances. It also creates an S3 bucket that securely stores terraform's state files.
- The bastion/jump host & application load balancer reside in the public presentation layer
- Wordpress application web servers are located in the private application layer
- MySQL database & its standby replica are in the private database layer
The entire project's code is seperated into various configuration files to make it easier to read, understand & maintain. For a detailed breakdown, check out this blogpost where i describe each .tf configuration file and their respective functions.
- AWS CLI configured with your access and secret keys
- Terraform installed on your local machine
- Clone this repo using command
git clone https://github.com/Lily-G1/AWS-3Tier-Wordpress-Architecture-Terraform.git terraform_project
- Go to project folder:
cd terraform_project
- Go to s3 bucket folder:
cd s3-bucket-state
- Initalize terraform here & create bucket:
terraform init
terraform plan
terraform apply
- Go back to main project directory
cd ..
- You must specify your keypair in the variables.tf file
- You may also change name of VPC, CIDR, subnet IP addresses, database name/type, etc in the variables.tf file
- Initialize terraform, view project's creation plan & apply:
terraform init
terraform plan
terraform apply
- At this point, you will be prompted for your sensitive values i.e database password & username
- Creation of resources will take a few minutes. After a successful run, the load balancer's DNS endpoint will be exposed as defined in the output.tf file. Copy this URL & paste in your browser with "/wordpress" and you will be redirected to the official Wordpress admin/registration page:
- Route53's name servers will also be exposed. You can add them to your domain provider's site to propagate your domain
- Destroy resources:
terraform destroy
cd ..
cd s3-bucket-state
and destroy S3 bucket as well
-
If you're on the AWS free tier, all resources are free except for the NAT gateway which cost about $0.10/hour at the time of creating this project. Be sure to destroy your resources as soon as possible to avoid incremental charges
-
Ideally, two NAT gateways should be created for redundancy; one in each public subnet (See architectural diagram). However, to avoid incurring excess charges, this project deploys just one